Re: [systemd-devel] systemd - how to run system service by user target

[Lennart Poettering]

On Thu, 20.10.16 05:23, Kamil Jońca (kjo...@o2.pl) wrote:

> Lennart Poettering  writes:
> 
> > On Wed, 19.10.16 12:46, Kamil Jońca (kjo...@o2.pl) wrote:
> >
> >> 
> >> Assume we have openvpn.service.
> >> This service neccessary only when I want to connect to my work from
> >> home.
> >> 
> >> Is it possible to make user target which will be automatically run this
> >> service?
> >
> > Whenever a user logs in it will get a per-user slice unit
> > started. When the user logs out, the slice unit is removed. You could
> 
> Unfortunately we cannot say about user login/logout - I have my laptop
> and it is only hibernated or sleeping. 
> I thought rather about:
> 
> --8<---cut here---start->8---
> systemctl --user start work-at-home.target
> --8<---cut here---end--->8---
> which runs vpn, mounts network discs etc.
> Is it possible?

Well, this would require a privilege elevation. You can configure that
by invoking "systemctl start --system" on the right system units, and
then telling PK via its policy language that your user shall be
allowed to do that. But I am not PK policy pro, you'd have to check
the policy language to figure out how best to do this.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] systemd - how to run system service by user target

[Kamil Jońca]

Lennart Poettering  writes:

[...]
>
> Well, this would require a privilege elevation. You can configure that
> by invoking "systemctl start --system" on the right system units, and
> then telling PK via its policy language that your user shall be
> allowed to do that. But I am not PK policy pro, you'd have to check
> the policy language to figure out how best to do this.

Well, simpler would be do system target, and run systemctl via sudo :)
Thanks.
KJ
-- 
http://stopstopnop.pl/stop_stopnop.pl_o_nas.html
The church is near but the road is icy; the bar is far away but I will
walk carefully.
-- Russian Proverb
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] How to deploy systemd-nspawn containers and use for deployment

[Lennart Poettering]

On Thu, 20.10.16 12:35, Juanjo Presa (juan...@gmail.com) wrote:

> I am comfortable with machinectl nowadays but maybe I miss some kind of
> versioning of images generated. Do you have any advice or recommendation
> about this?

Versioning is hard. We have no concept for that in nspawn/machined,
and right now I have no good suggeston about it, except maybe that you
could include a version identifier in the container's name, the same
way deb/rpm packages do it...

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] getting systemd 232 ready

[Lennart Poettering]

On Thu, 20.10.16 04:00, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl) wrote:

> Hi,
> 
> I was hoping systemd 232 would be released before systemd.conf as a
> nice simple release. Unfortunately before the conference started, there
> were too many regressions and bugs open. Since then people have been piling
> new stuff on top, which is good, but keeps delaying the release.
> 
> My proposal is to wrap 232 up, by fixing outstanding regressions, and a
> portion of open bugs tagged with the v232 milestone (see below).
> New stuff should wait until after the release.
> 
> 
> tl;dr version:
>  1. squash bugs and merge PRs with milestone:v232, but ignore any 
> label:resolve
>  2. revert "networkd: add dbus interface for lease raw options (#3528)"
>  3. profit ;)

Sounds all good to me. Let's move the resolved ones to milestone v233!

And let's try to focus on doing v233 quickly after v232, without doing
any new dev work in between, let's leave that for v234

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] How to deploy systemd-nspawn containers and use for deployment

[Juanjo Presa]

I am comfortable with machinectl nowadays but maybe I miss some kind of
versioning of images generated. Do you have any advice or recommendation
about this?

On Thu, Oct 20, 2016 at 2:41 AM, Nathan Williams 
wrote:

> Fwiw, if you're using Chef, the impending release of v3 of the systemd
> cookbook has a machine_image and a machine resource, which use importd and
> nspawn under the hood.
>
> On Wed, Oct 19, 2016, 3:45 PM Lennart Poettering 
> wrote:
>
>> On Thu, 13.10.16 01:09, Brian Kroth (bpkr...@gmail.com) wrote:
>>
>> > Seems really dependent upon the container layout as to what's the most
>> > appropriate way of doing that. For instance, if the underlying fs of the
>> > source container is something like btrfs or zfs you could imagine doing
>> a
>> > send/recv of a golden snapshot. Possibly also for an lvm
>> volume/snapshot.
>> > For others rsync might be best. For others maybe it's just a deployment
>> > script or tar or git repo.
>>
>> Yeah, to make this clear: I doubt we should really be in the
>> deployment business too much. That's for other people to solve, for
>> example rkt.
>>
>> However, I do think the most basic bits should probably be available,
>> simply to get developers off the ground for the most basic testing. I
>> figure that means "machinectl migrate" (as suggested in the other
>> mail) is really as good as it might get, and anything fancier should
>> really be left to other projects.
>>
>> Lennart
>>
>> --
>> Lennart Poettering, Red Hat
>> ___
>> systemd-devel mailing list
>> systemd-devel@lists.freedesktop.org
>> https://lists.freedesktop.org/mailman/listinfo/systemd-devel
>>
>
> ___
> systemd-devel mailing list
> systemd-devel@lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/systemd-devel
>
>
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel